1、 ISO/IEC 2014 Information technology Guide to on-card biometric comparison standards and applications Technologies de linformation Guide des normes et applications de comparaison biomtrique sur carte TECHNICAL REPORT ISO/IEC TR 30117 First edition 2014-03-15 Reference number ISO/IEC TR 30117:2014(E)
2、 ISO/IEC TR 30117:2014(E)ii ISO/IEC 2014 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2014 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, o
3、r posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail
4、 copyrightiso.org Web www.iso.org Published in Switzerland ISO/IEC TR 30117:2014(E) ISO/IEC 2014 All rights reserved iii Contents Page Foreword iv Introduction v 1 Scope . 1 2 T erms and definitions . 1 3 Symbols and abbreviated terms . 3 4 Relationships between biometrics and ICCs . 3 5 Data Format
5、s. 5 6 Security mechanisms . 6 7 Application development 7 8 A pplication pr ofiles . 8 9 Technology evaluation 8 10 Implementing on-card biometric comparison solutions . 9 10.1 Spanish National ID Card (DNIe) . 9 Bibliography .12 ISO/IEC TR 30117:2014(E) Foreword ISO (the International Organization
6、 for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective
7、 organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information te
8、chnology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types
9、 of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not b
10、e held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents). Any trade name used in this document is infor
11、mation given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see t
12、he following URL: Foreword - Supplementary information The committee responsible for this document is ISO/IEC JTC 1, Information technology, SC 17, Cards and personal identification.iv ISO/IEC 2014 All rights reserved ISO/IEC TR 30117:2014(E) Introduction There are a large number of applications whe
13、re the need of implementing jointly integrated circuit cards ICC (i.e. smart cards) and biometrics can arise. In those cases, system designers and integrators have to be aware of the whole range of international standards and technical reports that may be applicable. All these potential reference do
14、cuments have been developed by different standardization bodies and different subcommittees. For example, those standards dealing with ICCs are defined within ISO/IEC JTC 1/SC 17, while those dealing with biometrics are developed in ISO/IEC JTC 1/SC 37. Furthermore, when security aspects are to be c
15、onsidered, the works in ISO/IEC JTC 1/SC 27 have to be referenced. In this context, the system designer and developer have in their hands a large number of documents, and on some occasions little information about which of them are really applicable to the application to be developed, and which alte
16、rnatives can be faced. This Technical Report provides a guide to those developers by enumerating and referring to those published standards and reports, relating them to the kind of application to be developed. When referring to different applications, these will be classified attending to the authe
17、ntication needs of the application, not to the final sector where the application is to be deployed. Interactions among standards cover different implementation levels, from data formats to be used to the application profiles, including application programming interfaces (APIs) and security mechanis
18、ms. This Technical Report places special emphasis on providing recommendations and policies needed by developers to integrate applications related to on-card biometric comparison. The structure of this Technical Report is as follows. Clause 4 provides a first overview to the different decisions that
19、 have to be taken when developing an application that may involve the use of ICCs and biometrics. Clauses 5 to 9 provide an overview to the different International Standards and Technical Reports that may be applicable to the application to be developed. Clause 10 will provide examples of implementa
20、tions that may be used by application designers and developers as guidelines. ISO/IEC 2014 All rights reserved v Information technology Guide to on-card biometric comparison standards and applications 1 Scope This Technical Report summarizes how the international standards, recommendations and techn
21、ical reports dealing with identification cards, biometrics and/or information security relate to each other with regard to the joint use of biometrics and integrated circuit cards. It also provides further recommendations and policies needed by developers to integrate applications related to on-card
22、 biometric comparison. 2 T erms a nd definiti ons For the purposes of this document, the following terms and definitions apply. 2.1 biometric probe biometric query biometric sample or biometric feature set input to an algorithm for use as the subject of biometric comparison to a biometric reference(
23、s) Note 1 to entry: The term comparison refers to comparison in the biometric sense. Note 2 to entry: The subject/object labelling in a comparison might be arbitrary. In some comparisons a biometric reference might be used as the subject of the comparison with other biometric references or incoming
24、samples used as the objects of the comparisons. For example, in a duplicate enrolment check a biometric reference will be used as the subject for comparison against all other biometric references in the database. Note 3 to entry: Typically in a biometric comparison process, incoming biometric sample
25、s serve as the subject of comparison against objects stored as biometric references in a database. SOURCE: ISO/IEC 2382-37:2012 Note 4 to entry: In the scope of ISO/IEC 7816-11, these two terms are used under the more generalized term of “biometric verification data”. 2.2 biometric reference one or
26、more stored biometric samples, biometric templates or biometric models attributed to a biometric data subject and used as the object of biometric comparison EXAMPLE Face image stored digitally on a passport; Fingerprint minutiae template on a National ID card; Gaussian Mixture Model for speaker reco
27、gnition, in a database. Note 1 to entry: A biometric reference may be created with implicit or explicit use of auxiliary data, such as Universal Background Models. Note 2 to entry: The subject/object labelling in a comparison might be arbitrary. In some comparisons a biometric reference might be use
28、d as the subject of the comparison with other biometric references or incoming samples used as the objects of the comparisons. For example, in a duplicate enrolment check a biometric reference will be used as the subject for comparison against all other biometric references in the database. SOURCE:
29、ISO/IEC 2382-37:2012 Note 3 to entry: In the scope of ISO/IEC 7816-11, this term is used under the more generalized term of “biometric reference data”. TECHNICAL REPORT ISO/IEC TR 30117:2014(E) ISO/IEC 2014 All rights reserved 1 ISO/IEC TR 30117:2014(E) 2.3 biometric feature numbers or labels extrac
30、ted from biometric samples and used for comparison Note 1 to entry: Biometric features are the output of a completed biometric feature extraction. Note 2 to entry: The use of this term should be consistent with its use by the pattern recognition and mathematics communities. Note 3 to entry: A biomet
31、ric feature set can also be considered a processed biometric sample. Note 4 to entry: Biometric features may be extracted from an intermediate biometric sample. Note 5 to entry: Filters applied to biometric samples are not themselves biometric features, however the output of the filter applied to th
32、ese samples may be. Therefore, for example, eigenfaces are not biometric SOURCE: ISO/IEC 2382-37:2012 2.4 biometric sample analog or digital representation of biometric characteristics prior to biometric feature extraction EXAMPLE A record containing the image of a finger is a biometric sample. SOUR
33、CE: ISO/IEC 2382-37:2012 2.5 biometric template set of stored biometric features comparable directly to probe biometric features Note 1 to entry: In the scope of ISO/IEC 7816, the term template has a completely different meaning, being in that case the “value field of a constructed data object”, no
34、matter if the data object relates to biometrics or not. 2.6 intermediate biometric sample/probe biometric sample/probe resulting from intermediate biometric sample processing EXAMPLE Biometric samples that have been cropped, down-sampled, compressed or enhanced are examples of intermediate biometric
35、 samples. SOURCE: ISO/IEC 2382-37:2012 2.7 intermediate biometric sample processing any manipulation of a biometric sample that does not produce biometric features EXAMPLE Examples of intermediate biometric sample processing include cropping, down-sampling, compression, conversion to data interchang
36、e formats standard and image enhancement. SOURCE: ISO/IEC 2382-37:2012 2.8 processed sample/probe biometric sample/probe resulting from biometric sample processing that is ready to be used for storage as a biometric reference, or to be compared with a previous biometric reference EXAMPLE Fingerprint
37、 minutiae or iris codes are examples of processed biometric samples. 2.9 captured biometric sample raw biometric sample (deprecated) biometric sample resulting from a biometric capture process SOURCE: ISO/IEC 2382-37:20122 ISO/IEC 2014 All rights reserved ISO/IEC TR 30117:2014(E) 3 Symbols and abbre
38、viated terms API Application Program Interface BIR Biometric Information Record CBEFF Common Biometric Exchange Format Framework ICC Integrated Circuit Card IFD Interface Device SB Security Block, as defined in CBEFF standard ISO/IEC 19785-1 COS Card Operating System 4 Relationships between biometri
39、cs and ICCs ISO/IEC 24787 16provides a comprehensive introduction to the different ways that biometrics and ICCs can be integrated into a final application. This is summarized as follows as to provide a brief introduction to the reader of this Technical Report. When integrating biometrics into ICCs,
40、 four different approaches can be followed: Store on card: In this case, the ICC is used to store the biometric reference. The application will read from the ICC the biometric reference, as needed, and execute all the authentication process within the IFD or rest of the system. The COS has no extra
41、control on the biometric data, apart from using the same kind of mechanisms that when storing any other kind of data into the ICC. On-card biometric comparison: In this approach the ICC not only stores the biometric reference, but also performs the biometric comparison inside the card, once an exter
42、nal biometric probe has been received by the ICC. With this approach, the COS can use the same control with the biometric reference, as with those administrative keys stored in the card (e.g. not allowing the reading of the biometric reference, controlling the number of consecutive unsuccessful comp
43、arisons carried out, blocking the authentication mechanism if a certain number of consecutive unsuccessful comparisons is reached, etc.). Also the COS can control de access to other information in the card, or commands within the card, considering the result of a previous on-card biometric compariso
44、n. In this technology the biometric probe is usually considered to be a biometric feature set, instead of a raw sample. Work-sharing mechanism for on-card biometric comparison: the previous approach may not be able to be fully integrated into the ICC due to several reasons, being the most frequent,
45、the lack of processing capabilities of the ICC. In such a case, it might be possible that part of the process is executed in the IFD or system, and the results transmitted to the ICC to end the comparison process. Although this is initially defined for sharing the work on the comparison algorithm, t
46、his same schema can be used for the pre-processing and the feature extraction phases of the biometric process. In the former case, the biometric probe to be sent to the card is to be a biometric feature set, while in the latter case the biometric probe can be a raw sample, an intermediate sample or
47、a processed sample. System-on-Card: this approach is based on the inclusion of all the steps of the biometric process within the ICC, including the sample acquisition, i.e. the sensor is embedded into the ICC. Due to this definition, only certain modalities can be considered with the technology exis
48、ting nowadays, being restricted to those where the sensor is small and flexible as to allow the ICC to pass the physical and mechanical test methods defined in ISO/IEC 10373-1. If the physical restrictions are removed and other kind of embodiments are selected (keeping conformance to the rest of app
49、licable ICC standards), then the number of biometric modalities can be increased. With these initial concepts, the application designer or developer is to take several decisions as to define the whole system and the relationship to be established between biometrics and ICCs. The following ISO/IEC 2014 All rights reserved 3 ISO/IEC TR 30117:2014(E) decision tree is provided for illustration purposes, where the subsequent clauses in this Technical Report are referenced. a) Is the system going to be implementing an authenti
